> ## Documentation Index > Fetch the complete documentation index at: https://docs.zenable.io/llms.txt > Use this file to discover all available pages before exploring further. # Security Assessment > Continuous security scanning with context-aware vulnerability detection and remediation ## Overview Security vulnerabilities hide in complex codebases and evolve with new threats. Zenable provides continuous security scanning with context-aware vulnerability detection and remediation, delivering a proactive security posture with significant reduction in vulnerabilities reaching production. ## Out-of-the-Box Protection Zenable automatically detects these security vulnerabilities: * **OWASP Top 10** - SQL injection, XSS, broken auth, etc. * **Cryptographic Weaknesses** - Weak algorithms, poor randomness * **Hardcoded Secrets** - API keys, passwords, tokens * **Injection Attacks** - Command, LDAP, XML injection * **Insecure Deserialization** - Unsafe object handling * **Known CVEs** - Checks against vulnerability databases ## Custom Security Requirements Enforce your organization's specific security policies: > "All financial transactions must use our SecurePayment service with dual-approval workflow, all PII must be encrypted with AES-256-GCM, and all external APIs must use mTLS with certificate pinning." ## In Action ```bash theme={null} # Run comprehensive security scan with both standard and custom checks zenable check '**/*.{py,js,ts,go,java}' ``` ## Custom Security Examples ### Example: Financial Services Requirements **Your Policy:** "All payment processing must use tokenization and include fraud detection scoring" ```python theme={null} # ❌ AI/developer might write def process_payment(card_number, amount): charge_card(card_number, amount) return "success" # ✅ Zenable enforces your requirements def process_payment(payment_token, amount, user_context): fraud_score = fraud_detection.analyze(user_context, amount) if fraud_score > 0.7: security_team.alert(user_context, fraud_score) return "requires_review" result = tokenized_payment.process(payment_token, amount) audit_log.record_payment(result, fraud_score) return result ``` ### Example: Healthcare Data Protection **Your Policy:** "All PHI must be encrypted at field level with key rotation every 30 days" ```python theme={null} # ❌ Standard encryption def store_patient_data(patient_data): encrypted = encrypt(json.dumps(patient_data)) db.save(encrypted) # ✅ Zenable enforces field-level encryption def store_patient_data(patient_data): encrypted_fields = {} for field, value in patient_data.items(): if field in PHI_FIELDS: key = key_manager.get_current_key(field) encrypted_fields[field] = field_encrypt(value, key) else: encrypted_fields[field] = value db.save(encrypted_fields) key_manager.schedule_rotation() ``` ### Example: Zero Trust Architecture **Your Policy:** "All internal service calls must use mutual TLS with service mesh integration" ```python theme={null} # ❌ Direct service calls def get_user_profile(user_id): response = requests.get(f"http://user-service/users/{user_id}") return response.json() # ✅ Zenable enforces zero trust def get_user_profile(user_id): response = service_mesh.call( service="user-service", endpoint=f"/users/{user_id}", mtls_cert=get_service_certificate(), verify_peer=True, timeout=5000 ) return response.json() ``` ## Benefits * **Proactive Security Posture** - Find vulnerabilities before attackers do * **Custom Policy Enforcement** - Ensure your specific security requirements are met * **Reduced Security Debt** - Prevent vulnerabilities from accumulating * **Compliance Ready** - Meet regulatory security requirements ## Related Use Cases * [Preventing AI Mistakes](/use-cases/preventing-ai-mistakes) - Stop vulnerabilities at the source * [Policy as Code](/use-cases/policy-as-code) - Define security policies programmatically * [Supply Chain Security](/use-cases/supply-chain-security) - Secure your dependencies